Overview
Neo4j Browser sign-in
The Neo4j Browser sign-in page served on first boot with no manual setup.
Neo4j Browser sign-in
Neo4j Browser welcome
Cypher query graph result
Database information panel
This is a repackaged open source software product wherein additional charges apply for cloudimg support services.
Neo4j Community Edition - Production-Ready Graph Database on AWS
Launch a fully configured Neo4j Community Edition graph database and start running Cypher queries in under five minutes. This AMI eliminates manual installation, credential hardening, and reverse-proxy configuration so development teams, data engineers, and small engineering groups without a dedicated DBA can focus on building connected-data applications rather than managing infrastructure.
Why Choose This AMI Over Alternatives
Unlike default Neo4j Docker images or unsupported community AMIs that ship with the well-known neo4j/neo4j credentials, this image generates a unique superuser password on every first boot and stores it in a root-only file. Competing images typically require manual post-launch hardening steps; here, the database is never exposed with default credentials. Combined with 24/7 expert support from cloudimg, buyers get a maintained, secure deployment path that self-managed installs cannot match.
Database Stack
- Neo4j Community Edition (5.x line) running as a systemd service in single-node mode on OpenJDK 21
- Bolt protocol on TCP7687 for driver and cypher-shell connections
- HTTP REST API and Neo4j Browser on TCP 7474
- nginx reverse proxy on TCP 80 fronting the Neo4j Browser with WebSocket upgrade headers forwarded for Bolt-over-WebSocket compatibility
Secure First Boot
On first launch a one-shot systemd service:
- Generates a cryptographically random neo4j superuser password unique to the instance
- Applies it via neo4j-admin set-initial-password while the database is stopped
- Stores the plaintext value in /root/.neo4j_password (readable only by root)
No shared or default credentials ever exist on the running instance. This eliminates the most common misconfiguration vector that leads to unauthorized data access in graph database deployments.
Additional security guidance:
- Enable EBS encryption at rest when launching the instance to protect stored graph data
- Configure TLS termination at the nginx layer or use AWS Certificate Manager for encrypted Bolt and HTTP traffic in transit
- Restrict Security Group ingress on ports 80, 7474, and 7687 to trusted CIDR ranges or a VPC-internal subnet
- Consider placing the instance in a private subnet behind an Application Load Balancer for network isolation
Getting Started
- Launch the AMI on a t3.medium or larger instance with at least 20 GB gp3 EBS storage
- Configure your Security Group to allow inbound TCP on ports 80, 7474, and 7687 from your IP or VPC
- SSH into the instance and retrieve the generated password: sudo cat /root/.neo4j_password
- Open your browser to http:// to reach the Neo4j Browser
- Connect using the username "neo4j" and the retrieved password
- Run your first Cypher query: RETURN'Hello, Graph!' AS message
- Alternatively, connect any Bolt-compatible driver to bolt://:7687
Health check: confirm the Neo4j service is active with systemctl status neo4j and verify HTTP200 on port 7474/browser.
Use Case Spotlight: Real-Time Fraud Detection
A fintech data team ingests transaction events as nodes and relationships into Neo4j, then runs graph traversal queries to surface suspicious transaction rings in real time. Analysts use the Neo4j Browser on port 80 to visually investigate flagged clusters, tracing multi-hop paths that traditional relational queries would miss. This pattern applies equally to anti-money-laundering, identity verification, and insurance claims analysis.
Additional use cases:
- Knowledge graphs and master data management
- Recommendation engines and personalisation
- Identity and access management graphs
- Network and IT dependency mapping
- Supply chain traceability and risk analysis
cloudimg Support
24/7 technical support by email and live chat with one-hour average response for critical issues. Our engineers assist with Neo4j deployment, upgrades, Cypher query tuning, indexing strategy, graph data modelling, and database administration.
All product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
Highlights
- Unlike unsupported community images that ship with default neo4j/neo4j credentials, this AMI generates a unique superuser password on every first boot and locks it in a root-only file. The database is never exposed with known credentials, eliminating the most common graph database misconfiguration that leads to unauthorized access. Combined with EBS encryption guidance and Security Group best practices, your data is protected from launch.
- Graph database accepting Cypher queries in under five minutes. Neo4j Community Edition 5.x runs as a systemd service on OpenJDK 21 with nginx reverse-proxying the Neo4j Browser on port 80, the HTTP API on 7474, and Bolt on 7687. WebSocket upgrade headers are forwarded so Browser-based Bolt connections work without additional configuration. No manual installation or post-launch setup required.
- 24/7 technical support from cloudimg with one-hour average response for critical issues. Engineers assist with Neo4j deployment, Cypher query tuning, indexing strategy, graph data modelling, and database administration. Unlike free community images with no vendor backing, this listing includes ongoing expert help so teams without a dedicated DBA can operate Neo4j confidently in production.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
Pricing
Free trial
- ...
Dimension | Description | Cost/hour |
|---|---|---|
m5.large Recommended | m5.large | $0.08 |
t2.micro | t2.micro instance type | $0.04 |
t3.micro | t3.micro instance type | $0.04 |
trn1.2xlarge | trn1.2xlarge instance type | $0.24 |
r8a.8xlarge | r8a.8xlarge instance type | $0.24 |
m8id.96xlarge | m8id.96xlarge instance type | $0.24 |
m7i.4xlarge | m7i.4xlarge instance type | $0.24 |
r7i.metal-48xl | r7i.metal-48xl instance type | $0.24 |
i7i.large | i7i.large instance type | $0.08 |
r6in.xlarge | r6in.xlarge instance type | $0.12 |
Vendor refund policy
Refunds available on request.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Initial release of Neo4j Community Edition 5 graph database.
Additional details
Usage instructions
Connect via SSH on port 22 as the default login user for your operating system variant (the user guide lists it per variant). The Neo4j Browser web interface is reachable at http://<instance-public-ip>/ (port 80, nginx reverse proxy) or http://<instance-public-ip>:7474/ directly. The Bolt protocol for drivers and cypher-shell is on port 7687. Retrieve the generated neo4j superuser password with: sudo cat /root/neo4j-credentials.txt. Restrict ports 80, 7474 and 7687 to trusted networks because the Neo4j Browser interface and Bolt protocol both expose database access. To enable HTTPS, follow the reverse proxy section of the user guide.
Resources
Vendor resources
Support
Vendor support
cloudimg Support
cloudimg provides 24/7 technical support for this Neo4j Community Edition AMI.
Channels:
- Email: support@cloudimg.co.uk
- Live chat (available around the clock)
Response Times:
- Critical issues: one-hour average response
- General inquiries: handled during the same business day
Scope of Support:
- Deployment assistance and initial configuration
- Neo4j upgrades and patch guidance
- Cypher query tuning and indexing strategy
- Graph data modelling best practices
- Performance troubleshooting and database administration
- Security hardening recommendations (TLS, network isolation, EBS encryption)
Getting Started: After launching your instance, retrieve the auto-generated neo4j superuser password by running: sudo cat /root/.neo4j_password. If you encounter any issues during setup or need guidance on instance sizing, open a support ticket via email or live chat and our engineers will assist.
Refunds and Billing: For questions about charges, billing adjustments, or refund requests, contact support@cloudimg.co.uk with your AWS instance ID and we will respond within one business day.
We are committed to helping you get the most from your Neo4j deployment on AWS.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.